Static analyzers are widely used to find potential bugs or vulnerabilities in a source code. Static analyzers detect errors that are predefined by respective checkers by executing respective functions thereof, and generate alarm messages when such errors are detected.
When the static analyzer generates an alarm, a process of classifying the alarm types may be performed to analyze the accuracy of the generated alarm.
For example, the static analyzer may not always correctly determine errors while analyzing. Accordingly, a false alarm may be generated by mistakenly determining that an error exists even though there is no error in the source code to be analyzed.
Herein, a type of a generated alarm may be analyzed and classified to respond to an additional analysis of an alarm type with high possibility of false alarm. In general, operations of classifying alarm types have conventionally been performed manually by a developer, such an alarm type classification process is a waste of resources.